Victor C.
-
Posts
35 -
Joined
-
Last visited
Never
Posts posted by Victor C.
-
-
Hi,
Happy New Year! In order to resolve the update databases issue, please ensure your KSWS devices are activated with key file instead of activation code.
You can convert your activation code to key file at keyfile.kaspersky.com
If you are still unable to get this working with above documentation, please contact our support department so we can assist you: Contact Information | Kaspersky
Kind regards.
-
Hi,
Happy New Year! In order to resolve this issue, please configure your third-party security appliance (web proxy or firewall) to allow connections from Administration Server to:
* TCP port 443 of s[00-18].upd.kaspersky.com
* TCP port 443 of downloads.upd.kaspersky.com
* TCP port 443 of cm.k.kaspersky-labs.com
* TCP port 80 of crl.kaspersky.comAlso, the following Kaspersky Lab update servers are recommended to be set to allow list in your security appliance.
https://support.kaspersky.com/general/products/6105If you are still unable to get this working with above documentation, please contact our support department so we can assist you: Contact Information | Kaspersky
Kind regards.
-
Hi,
Ports 13000 and 14000 are required to be opened in order to the Network agents to communicate to KSC server. Also, please confirm that your devices are on the same network as KSC server. See more information provided here:
Ports used by Kaspersky Security Center
https://support.kaspersky.com/KSC/13.1/en-US/158830.htmIf you are still unable to get this working with above documentation, please contact our support department so we can assist you: Contact Information | Kaspersky
Kind regards.
-
Hi,
Running tasks could be stopped by Right click and select Stop action. Information on Task management could be found here:
https://support.kaspersky.com/KESWin/11.7.0/en-US/176975.htm
If tasks are stuck in KSC and looking to force a stop, you could restart KSC Administrator service.
I hope this helps.
-
Recommendations for the installation of Network Agent 10 and Kaspersky Light Agent 5.1 on a golden image used by Virtual Desktop Infrastructure
https://support.kaspersky.com/14052#block2 -
Hi,
In order to fix this issue, please uninstall current Network Agent, select option in the Network Agent package to "Enable dynamic mode for VDI" and install it on the VDI machines. This would remove the computer from the SC structure once the VM running this NA mode is shutdown.
And would create a new instance of the VM object in the SC once the computer is turned on again. The option to "Enable dynamic mode for VDI" is only available in the Network Agent package. NA is the connector between the client and KSC therefore this would enable to synchronize and report to KSC database. We recommend creating a new Network Agent installation package (with the Enable dynamic mode for VDI option enabled) to be used for installing on temporary virtual machines.Please see steps provided on the link bellow:
What is the dynamic VDI mode in Kaspersky Security Center 10?
https://support.kaspersky.com/9305 -
Hi,
In order to verify if your system is infected and remove the threat, please update KES databases and run a Full Scan on the affected system.
If scan comes up clean, you could try to use other tools to scan your system here:
https://support.kaspersky.com/11309
1. Use Kaspersky Virus Removal Tool to scan and disinfect your computer.
https://support.kaspersky.com/viruses/kvrt2015
Please try to cure computer with KVRT:
https://box.kaspersky.com/f/25341000aaa34467a9ca/?dl=1
2. Use the TDSSKiller tool to fight against rootkits.
https://support.kaspersky.com/5350#block1
3.Use Kaspersky Rescue Disk if disinfection with Kaspersky Virus Removal Tool or TDSSKiller did not help.
https://support.kaspersky.com/viruses/krd18I hope this helps.
-
Hi,
Here is the status update from the R&D team.This week we plan to start the first part of service works to fix that issue.
For those users who already installed KES 11.7, we prepared the solution with automatic PF deployment. We are now waiting for the final PF to be prepared.
For users who haven’t installed KES 11.7 yet, we plan to perform service works to change packages on the fixed versions.As for the existing PF9313, please check the installation scenario below:
Start command line with administrator privileges and perform the following commands:
• 1. sc stop klnagent
• 2. msiexec /i {F4ECE08F-50E9-44E2-A2F3-2F3C8DDF8E16} PATCH=<full path to pf including the name of the file pf9313.msp> LOCKFILESONUPDATE="" EULA=1 PRIVACYPOLICY=1 /qn
Patch installation will start. The product will be unloaded from the system for a couple of seconds and then will start automatically. During that time you may see the announcement from windows security center, that KES and Defender are stopped.After making sure that PF is installed please run the command: sc start klnagent.
That is not the final solution but could be used for whom this situation is critical and can’t wait for other PF or KES fixed version.
Thank you for your cooperation.
-
Hi,
A private fix has been released for the issue reported.
KESCloud - "Protection is disabled. Security application is not running" status
Instructions how to install it: https://support.kaspersky.com/14409
Thank you for your cooperation.
-
Hi,
Please be advised that a private fix for this issue is expected to be ready on November 12th.
The date is approximate but if there are changes I will post it on this forum.
In regards to the issue, this is happening in the environments with 2 following conditions combined:
1. KES 11.7 managed by KES Cloud, either newly installed or upgraded from previous versions;
2. No proxy server configured to reach KES Cloud.Unfortunately, deploying proxy settings, either fake or actually working, will not help here.
To prevent issues from happening massively, the seamless update of KES 11.7 was stopped and postponed till fixed. PF preparation is in progress. KES 11.7 distribution package with the fix will be issued additionally.
If it is critical for the customer and can't wait till the PF is released, it’s advised to roll back to the previous version KES 11.6.
After the release of fixed KES 11.7 as a separate package and 11.7 seamless update deployment, these hosts should be upgraded back to 11.7 with no issues at all.
Thank you for your cooperation.
-
Hi,
If none of the above solutions apply, the case should require Kaspersky Support assistance. Please contact the Kaspersky Business Support team by opening a web ticket through the company's account portal: https://companyaccount.kaspersky.com/account/login or contact technical support in your region.
Please see your region support group contacts here: https://support.kaspersky.com/b2b/
Thank you for your cooperation.
-
Hi,
The issue reported is currently being investigated with highest priority by HQ team and a solution is being worked on.
So far issue could be resolved by re-installation of KES 11.7 version.
We apologize for any inconvenience that this may have caused and we appreciate your cooperation.
Once a solution is provided, I will make sure to post it on this forum.
If require immediate assistance and your case should require a Kaspersky Support assistance, please contact Kaspersky Business Support team by opening a web ticket through the company's account portal: https://companyaccount.kaspersky.com/account/login or contact technical support in your region.
Thank you for your understanding and cooperation.
-
Hi,
This may be related to corrupted databases in KSC. In order to fix it, please clear updates repository and download the updates once again.
http://support.kaspersky.com/9307
Once new database updates are downloaded, please run database update task for your managed devices.
I hope this helps.
-
Hi,
From information provided, it seems that KES update component may be malfunctioning. In order to resolve the issue, please try to uninstall and re-install KES then perform database update task.
To remove any remnants of the KES product, please use kavremover utility to uninstall KES.
Download the archive kavremover.zip from the following link:
https://support.kaspersky.com/1464#block1I hope this helps.
-
Hi,
From information provided it seems that Network agent is connecting to KSC server. Now verify if KSC server is able to communicate to affected device by trying to ping and telnet over ports 13000 and 14000 to the device. This will ensure that outbound and inbound connection is working properly.
If workstation failed to connect to the Administration Server at
<address_or_name>:<port>because the Administration Server is unavailable at this address.Possible reasons:
1. Connection is blocked by a firewall. The firewall may be installed on the problem workstation, or on the Administration Server host
<address_or_name>, or somewhere between them;2. The Administration Server has another address or port;
3. The Administration Server failed to initialize or isn't running on the host
<address_or_name>;4. Address
<address_or_name>cannot be resolved properly on the workstation side.To resolve the problem try the following steps.
- On the computer with the Administration Server installed run netstat to check if the Administration Server really listens to TCP port
<port>.netstat -a -o -n -p TCP
Name of the Administration Server process isklserver.exe. If the Administration Server failed to open port 13000 the Kaspersky Event Log in.csvor.xmlformat from the computer with the Administration Server installed is required.- On the affected workstation try to ping the
<address_or_name>withpingutility and see which ip address the utility shows. Then on the computer with the Administration Server installed runipconfigutility and make sure that returned ip address is equal to one the ping utility has returned on the affected workstation.- On the affected workstation try to connect to the Administration Server with the
akconnectutility:akconnect <address_or_name> <port>If it fails then it is possibly a firewall issue. Look into firewall logs or try to temporarily turn off firewall and see if the problem can be reproduced without the firewall. Make sure that the firewall has correct rules.
If require further troubleshooting, please contact Kaspersky Business Support by opening a web ticket through the company's account portal: https://companyaccount.kaspersky.com/account/login. If none of the above solutions apply, the case should require a Kaspersky Support assistance.
I hope this helps.
-
Hi,
In order to have your webcam working, please add application to trusted under Host Intrusion Prevention in the policy of KES per instructions provided. Also, you could set to allow access to webcam under Application rights for Host Intrusion Prevention component. See attached.
I hope this helps.
-
Hi,
Transport layer generic errors are referring to connectivity issues. In order to deploy licenses to devices remotely from KSC, please ensure Network agent is installed and running on your client devices.
If require to troubleshoot Network agent connection to KSC server, please run Klnagchk. A utility for analyzing Network agent connection settings
http://support.kaspersky.com/9292
Graphic utility for Network Agent management - klcsngtgui
http://support.kaspersky.com/9319I hope this helps.
-
If the above solution does not work, please use kavremover utility on affected system to remove KES then re-install.
Download the archive kavremover.zip from the following link:
https://support.kaspersky.com/1464#block1 -
Hi,
It refers to hit Enter once “Create new task” has been typed in the dialog box and then issue should be resolved. If issue persist, please refer to more details on the forum below:
I hope this helps.
-
To create Incident Card properly
- Kaspersky Endpoint Agent should be installed with KES
- Component Change with KEA on will also do
- KEA should be activated with a valid license
- KEA license auto distribution doesn’t work as of now, you need to create and run activation task
If KEA is integraed with KES properly you can find this registry is created.
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\KasperskyLab\protected\KES\Installer\features\AntiAPTFeature = 1
-
Hi,
In order to resolve the issue reported, please ensure KEA is activated with proper license.
For more details, please see resolution listed on this forum link:
LinkI hope this helps.
-
Problem
Sometimes KES tray icon gives you some unexpected behavior like showing up twice or not appearing at all ( icons next to Windows clock).Please follow the solution below:
Reset the tray icons:Open regedit;
Go to HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\TrayNotify;
In the right pane, backup & delete the IconStreams Registry value;
Now back up & delete the PastIconsStream Registry value;
Close Registry Editor;
Open Task Manger Use File -> Run new task menu item in Task Manager;
Type Explorer in the "Create New Task" dialog and press Enter to restore Desktop.
This should fix your tray icons issues. The Registry values above represent the notification area icon cache which stores the tray icons for all apps.If this cache is corrupted, it may also prevent system icons from appearing in the tray.
-
This problem has been observed in KES 11.5, but may apply to other versions as well.
Problem
Sometimes KES tray icon gives you some unexpected behavior like showing up twice or not appearing at all ( icons next to Windows clock).
Solution
Reset the tray icons:
-
Open regedit;
-
Go to HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\TrayNotify;
- In the right pane, backup & delete the IconStreams Registry value;
- Now back up & delete the PastIconsStream Registry value;
- Close Registry Editor;
- Open Task Manger Use File -> Run new task menu item in Task Manager;
- Type Explorer in the "Create New Task" dialog and press Enter to restore Desktop.
This should fix your tray icons issues. The Registry values above represent the notification area icon cache which stores the tray icons for all apps.
If this cache is corrupted, it may also prevent system icons from appearing in the tray.
-
-
Sorry for too many posts.
I really want to know how to check if KEA is installed properly.
“Properly” means that incident card should be created when the pc gets infected with virus.
I need to distribute KEA to around 900 PCs. I can’t test each PC if incident card is created or not.
Thanks in advance.
Yasutoshi Takayama
You can verify if KEA is installed in KSC Console under Device Properties>Applications.
The following changes are made locally when KEA is installed:
https://support.kaspersky.com/KEDR_Optimum/1.0/en-US/199164.htm
The following Kaspersky Endpoint Agent services are registered and started under the system account (SYSTEM):
- SOYUZ.exe is the main Kaspersky Endpoint Agent service that manages its tasks and operation processes.
- VOSTOK.dll (executed in proton.exe) is a service that provides interaction between Kaspersky Endpoint Agent and the Central Node component.
- ANGARA.dll (executed in proton.exe) is a service that provides interaction between Kaspersky Endpoint Agent and EPP in scenarios of Kaspersky Sandbox integration.
KES 11.X - Microsoft Recommended Exclusions from Scanning
in Kaspersky Endpoint Security for Business
Posted
Hi,
The default Microsoft Exclusions are included automatically but they are now hard coded and therefore hidden. If you have Microsoft applications installed in a non-standard or non-default folder, you may need to add additional exclusions locally or in the policy of KES.
Kind regards.